|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectjava.security.Permission
javacardx.security.URIPermission
javacardx.framework.ContextPermission
@TransactionType(value=NOT_SUPPORTED) public final class ContextPermission
This class is for firewall-enforced context permissions. The ContextPermission extends the URIPermission and defines specific actions. A ContextPermission consists of a URI and a set of actions valid for that URI.
The URI of a ContextPermission may designate an application or a protection domain.
Additionally, in order to designate applications
which register standard services without specifically naming these
applications, the URI of a ContextPermission may designate applications using
a service URI such as sio:///standard/auth/*
(note that standard
event URIs cannot be used).
The URI of a ContextPermission may designate:
///transit/pos
or
sio:///standard/auth/holder/global/owner/pin
.
///transit/*
or
sio:///standard/auth/*
.
pd:Classic
.
The actions to be granted are passed to the constructor in a string containing a list of one or more comma-separated keywords. The possible keywords are "switch", and "transfer". Their meaning is defined as follows:
The actions string is converted to lowercase before processing.
URIPermission
,
Permission
,
AccessController
,
AccessControlException
Field Summary | |
---|---|
static String |
ACTION_SWITCH
The "switch" action. |
static String |
ACTION_TRANSFER
The "transfer" action. |
Constructor Summary | |
---|---|
ContextPermission(String uri,
String actions)
Creates a new ContextPermission object with the specified actions. |
Method Summary | |
---|---|
protected String[] |
getPossibleActions()
Returns the possible actions in the following order: switch, transfer. |
Methods inherited from class javacardx.security.URIPermission |
---|
equals, getActions, hashCode, implies |
Methods inherited from class java.security.Permission |
---|
getName, toString |
Methods inherited from class java.lang.Object |
---|
getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final String ACTION_SWITCH
public static final String ACTION_TRANSFER
Constructor Detail |
---|
public ContextPermission(String uri, String actions)
uri identifies one of the following:
A URI that ends in "/*" is a path-prefix pattern. It designates the root of a namespace which includes all resources within its scope.
If the URI has a "pd:" scheme, it is interpreted as an opaque URI designating a protection domain. Otherwise, if the URI is an absolute hierarchical URI, it must designate a service. Otherwise, if the URI is a relative hierarchical URI, it is interpreted as a URI designating an application.
A hierarchical URI with a relative path is resolved relatively to the
current application's URI. The application URI admin
would
be resolved to ///transit/admin
in the context of the
application's ///transit/pos
. A URI consisting of a
single "*" is resolved relatively to the current application's URI. In
the previous example, it would be resolved to ///transit/*
.
A URI consisting of a "/*" designates all applications.
uri
- an exact or path-prefix URI pattern designating a set of
applications, services, or a protection domain.actions
- the action string.
NullPointerException
- if uri
or actions
is null
.
IllegalArgumentException
- uri
is not a well-formed application, service
or protection domain URIactions
is empty or contains an action
other than the specified possible actions.SecurityException
- if uri
or actions
is not
accessible in the caller's context.Method Detail |
---|
protected String[] getPossibleActions()
Note: this method returns a different array (a defensive copy) upon each call in order to guarantee the immutability of this permission object.
getPossibleActions
in class URIPermission
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |